[Snort-users] Still Help Needed: i want to make a firewall
mkettler at ...4108...
Wed Apr 16 19:19:13 EDT 2003
At 05:28 PM 4/16/2003 -0700, Michael Steele wrote:
>Bottom line is to use what you're comfortable with. Snort CAN be installed
>securely on either platform (Windows or *nix).
Agreed whole heartedly. Although properly securing a windows box is just as
complex a problem as properly securing a unix server, it's not impossible.
The only degree to which it is worse is the absolutely horrid history of
exploits to IIS (not that Apache is any better).
I certainly would question the wisdom of running snort on a NT box that
sits outside your firewall and runs IIS on the external interface. But I'd
also question the wisdom of doing the same thing with a Linux box running
Apache, bind, ssh, or sendmail on the external interface. Anyone doing
either of these setups is just _asking_ to be exploited in the worst
Although all of this this OS difference banter still doesn't address his
original problem, which was needing a firewall. Snort just isn't a
replacement for one, no matter what platform you run it on.
More information about the Snort-users